On Wed, Mar 16, 2011 at 04:41:14PM +0100, Arne Wichmann wrote: > Am I mistaken or is pam_xauth not used in Debian? This might mean that > CVE-2010-4707 and CVE-2010-4706 do not affect Debian.
It is not used by default. It is still included in the package and users may configure their systems to use it. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ slanga...@ubuntu.com vor...@debian.org
signature.asc
Description: Digital signature